feat: Adds pocket-id to docs.

config/Caddyfile

@@ -1,5 +1,38 @@
 {
     email {env.ACME_EMAIL}
+
+    security {
+          oauth identity provider generic {
+                    delay_start 3
+                    realm generic
+                    driver generic
+                    client_id 54ac14e4-4e6b-46ce-a870-01b297421e89
+                    client_secret 54ac14e4-4e6b-46ce-a870-01b297421e89
+                    scopes openid email profile
+                    base_auth_url http://localhost
+                    metadata_url http://localhost/.well-known/openid-configuration
+
+            }
+
+            authentication portal docsportal {
+                    crypto default token lifetime 3600  # Seconds until you have to reauthenticate
+                    enable identity provider generic
+                    cookie insedure off
+                    transfrom {
+                            match realm generic
+                            action add role user
+                    }
+
+            }
+
+            authorization policy docspolicy {
+                    set auth url /caddy-security/oauth2/generic
+                    allow roles user
+                    inject headers with claims
+            }
+
+    }
+
 }
 
 housh.dev {
@@ -74,7 +107,18 @@ housh.dev {
 
     @docs host docs.housh.dev
     handle @docs {
-          reverse_proxy docs:80
+          @auth {
+                  path /caddy-security/*
+          }
+
+          route @auth {
+                  authenticate with docsportal
+          }
+
+          route /* {
+                  authorize with docspolicy
+                  reverse_proxy docs:80
+          }
     }
 
     @pocket_id host id.housh.dev